Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,444
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,364 advisories

Loading
Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful... High Unreviewed
CVE-2024-13291 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows... Critical Unreviewed
CVE-2024-13258 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows... Critical Unreviewed
CVE-2024-13253 was published Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing... Moderate Unreviewed
CVE-2024-13257 was published Jan 9, 2025
Mattermost Incorrect Authorization vulnerability Low
CVE-2025-22449 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 9, 2025
stevebeattie
The WebChannel API, which is used to transport various information across processes, did not... Moderate Unreviewed
CVE-2025-0237 was published Jan 7, 2025
An improper access control vulnerability exists in SimplCommerce at commit... High Unreviewed
CVE-2024-50945 was published Dec 27, 2024
Letta (previously MemGPT) incorrect access control vulnerability High
CVE-2024-39025 was published for letta (pip) Dec 27, 2024
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could... Low Unreviewed
CVE-2020-9081 was published Dec 27, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2024-47157 was published Dec 26, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2024-47148 was published Dec 26, 2024
Oqtane Framework Insecure Direct Object Reference vulnerability Low
CVE-2024-55186 was published for Oqtane.Client (NuGet) Dec 20, 2024
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects Moderate Unreviewed
CVE-2024-56350 was published Dec 20, 2024
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of... Moderate Unreviewed
CVE-2024-56348 was published Dec 20, 2024
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This... Moderate Unreviewed
CVE-2024-12831 was published Dec 20, 2024
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android... Critical Unreviewed
CVE-2023-4617 was published Dec 19, 2024
TShock Security Escalation Exploit High
GHSA-hvm9-wc8j-mgrc was published for TShock (NuGet) Dec 18, 2024
sgkoishi THEXN
Elasticsearch Incorrect Authorization vulnerability Moderate
CVE-2024-12539 was published for org.elasticsearch:elasticsearch (Maven) Dec 17, 2024
Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf... Critical Unreviewed
CVE-2024-54662 was published Dec 17, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in... Low Unreviewed
CVE-2024-9654 was published Dec 17, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed
CVE-2024-37775 was published Dec 17, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5... Moderate Unreviewed
CVE-2024-8116 was published Dec 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5... Moderate Unreviewed
CVE-2024-8650 was published Dec 16, 2024
XWiki allows remote code execution through the extension sheet Critical
CVE-2024-55662 was published for org.xwiki.platform:xwiki-platform-repository-server-ui (Maven) Dec 12, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6... Low Unreviewed
CVE-2024-10043 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database